﻿#region Copyright Jonathan Quiros

//	
// All rights are reserved. Reproduction or transmission in whole or in 
// part, in any form or by any means, electronic, mechanical or otherwise, 
// is prohibited without the prior written consent of the copyright owner.
//
// Filename: AccessController.cs
//

#endregion

using System.Web.Mvc;
using System.Web.Security;
using Novagoal.Logic;
using Novagoal.Website.Models.Forms;
using Novagoal.Website.Models.Views;
using Novagoal.Website.WebApp.Helpers;

namespace Novagoal.Website.WebApp.Controllers
{
    public class AccessController : Controller
    {
        #region PROPERTIES

        private readonly UsersLogic _usersLogic;
        public IApplicationSettings ApplicationSettings { get; set; }

        #endregion

        #region PUBLIC METHODS

        public AccessController(UsersLogic usersLogic)
        {
            _usersLogic = usersLogic;
        }

        [HttpGet]
        public ActionResult Login()
        {
            return View(new BaseViewModel());
        }

        // ReSharper disable Asp.NotResolved
        [HttpPost]
        public ActionResult Login(LoginFormModel loginFormModel)
        {
            if (!User.Identity.IsAuthenticated)
            {
                if (ModelState.IsValid)
                {
                    var message = _usersLogic.ValidateCredentials(loginFormModel.Username, loginFormModel.Password);
                    if (string.IsNullOrEmpty(message))
                    {
                        FormsAuthentication.SetAuthCookie(loginFormModel.Username, false);
                        _usersLogic.UpdateUserLastAccess(loginFormModel.Username);
                        return RedirectToAction("Index", "Home");
                    }
                    ModelState.AddModelError("Unauthenticated", message);
                }
                return View(new BaseViewModel());
            }
            return RedirectToAction("Index", "Home");
        }
        // ReSharper restore Asp.NotResolved

        // ReSharper disable Asp.NotResolved
        [HttpGet]
        public ActionResult Activation(string username, string code)
        {
            if (!User.Identity.IsAuthenticated)
            {
                if (_usersLogic.ValidateActivation(username, code))
                {
                    return View(new ActivationViewModel
                                    {
                                        ActivationCode = code,
                                        Username = username
                                    });
                }
                TempData.SetMessage("The activation code is invalid", MessageType.Warning);
                return View("Login", new BaseViewModel());
            }
            return RedirectToAction("Index", "Home");
        }
        // ReSharper restore Asp.NotResolved

        [HttpPost]
        public ActionResult Activation(ActivationFormModel formModel)
        {
            if(ModelState.IsValid)
            {
                _usersLogic.SetNewPassword(formModel.Username, formModel.Password);
                return View("Login", new BaseViewModel
                {
                    SuccessMessage = "password was changed successfully"
                });
            }
            return View(ModelFromForm(formModel));
        }

        [HttpGet]
        public ActionResult Logout()
        {
            FormsAuthentication.SignOut();
            Session.Abandon();
            return RedirectToAction("Login");
        }

        [HttpGet]
        public ActionResult Reset()
        {
            return View(new BaseViewModel());
        }

        [HttpPost]
        public ActionResult Reset(string username)
        {
            var user = _usersLogic.GetUser(username);
            if(user == null)
            {
                ModelState.AddModelError("username", "Username is invalid");
                return View(new BaseViewModel());
            }
            
            var link = Url.Action("Activation", "Access",
                                          new {username = user.Person.EmailAddress, code = user.ActivationCode},
                                          Request.Url.Scheme);

            _usersLogic.SendActivationMail(user, link);
            return View(new BaseViewModel
                            {
                                SuccessMessage = "A password reset link has been sent to your email"
                            });
        }

        #endregion

        #region PRIVATE METHODS

        private ActivationViewModel ModelFromForm(ActivationFormModel activationFormModel)
        {
            return new ActivationViewModel
                       {
                           ActivationCode = activationFormModel.ActivationCode,
                           Username = activationFormModel.Username,
                       };
        }

        #endregion
    }
}
